Global Internal Audit Services
advertisement
Draft version Global Internal Audit Services Conducted in Accordance with the International Standards for the Professional Practice of Internal Auditing. Organizational unit: Unit XY Report No.: Audit Title: Purchasing Audit 1 Management Summary 2 Implementation Report Appendix 3 Organizational Chart Confidential 15/2007 Draft version Global Internal Audit Services Management Summary Conducted in Accordance with the International Standards for the Professional Practice of Internal Auditing Audit Title: Audit Type: Audit Report No.: 15/2007 Standard Audit Status: Auditor(s): John Miller, Jane Myers, Bill Smith Basic Audit Executive Responsible: Catherine Dubois Date of Audit: 12 - 23 February 2007 Date of Closing Meeting: 23 Febr. 2007 Participants of Closing Meeting: Tim Cohen, Catherine Dubois, Sonia Jiang, John Miller, Jane Myers, Maria Rojas, Bill Smith Distribution List: Tim Cohen, Catherine Dubois, Sonia Jiang, Maria Rojas, Note: Due to confidentiality requirements the distribution of Audit Reports must be limited. Therefore, please forward this report only to the additional parties which should be informed and / or might be part of the implementation of the audit recommendations. Overview/Audit Objectives: Global Internal Audit Services has conducted an audit of the purchasing function. The audit included Purchasing's organizational structure, policies and guidelines, as well as the relevant operational and financial processes. Audit Status Date Audit Rating (please tick) Basic Audit 12 - 23 February 2007 Ref. Impl Report Overall Audit Statement/ Scoring Findings / Recommendations Needs Improvement 1. Signature policy: Finding/observation: The signature policy has not been adapted to the current organizational structure and is thus not up-to-date. Recommendation: The signature policy is to be adapted to the current organizational structure as laid out in the organizational chart. Y 2. Vendor selection and competitive bidding process: Finding/observation: The practice of soliciting at least two bids from external vendors prior to award of contract has not been implemented in all Purchasing areas and has not been included in the purchasing guidelines as a requirement. Recommendation: A rule is to be included in the purchasing guidelines requiring the solicitation of at least two offers from external vendors. This rule is to be implemented in all Purchasing areas. Meets Standard Status Check I R Y G R Y G R Y G Follow-up Audit I Meets Standard Status Check II # of findings: 3 Meets Standard New: 3 In process: Reasonably controlled: GIAS Pending: Done: Confidential Open: Mgmt. disagreed: 1 3 Draft version Global Internal Audit Services Conducted in Accordance with the International Standards for the Professional Practice of Internal Auditing. Audit Implementation Report No.: 15/2007 Organizational unit: Purchasing Auditor(s): John Miller, Jane Myers, Bill Smith Basic Audit Audit Status: Monitoring Audit Items No. 1 Classification B Observation/Finding Strategy and organizational structure Signature policy Risk condition: The signature policy has not been adapted to the current organizational structure and is thus not up-to-date. Risk Category Recommendation Action/ Management Responses Responsible Completion date Status Local Management Status GIAS Business The signature policy is to be adapted Recommendation Catherine risk to the current organizational structure will be implemented Dubois as laid out in the organizational chart. 03/2007 O New Financial All supplier invoices are to be entered Recommendation Catherine risk into the system by the financial will be implemented Dubois accounting department. 03/2007 O New Risk consequence: There is a risk that unauthorized persons might sign documents to the disadvantage of the company. 2 L Accounting Finance and administration responsibilities All accounting entries, including supplier invoices, are to be carried out by the financial accounting department. GIAS found out that all supplier invoices related to the car pool are being entered into the accounting system not by the financial accounting department but by the respective area within Purchasing. Risk condition: Segregation of duties and the dual control principle are not guaranteed. Risk consequence: Risk of incorrect accounting entries. Confidential Draft version Global Internal Audit Services Conducted in Accordance with the International Standards for the Professional Practice of Internal Auditing. Audit Implementation Report No.: 15/2007 Organizational unit: Purchasing Auditor(s): John Miller, Jane Myers, Bill Smith Basic Audit Audit Status: Monitoring Audit Items No. Classification 3 B Observation/Finding Purchasing process Vendor selection and competitive bidding process Risk condition: (1) Good business practice requires that at least two offers from external vendors be available prior to award of contract. This requirement has not been included in the purchasing guidelines. (2) The practice of soliciting at least two bids from external vendors prior to award of contract has not been implemented in all Purchasing areas. Risk Category Business and financial risk Recommendation Action/ Management Responses Responsible A rule is to be added to the Recommendation Catherine purchasing guidelines requiring the will be implemented Dubois solicitation of at least two offers from extenal vendors. This rule is to be implemented in all Purchasing areas. Risk consequence: There is a risk that the supplier selection process is not guided by efficiency and effectiveness considerations. This may lead to financial and/or quality loss. Confidential Completion date Status Local Management 03/2007 O Status GIAS New Organizational Chart Purchasing Global Purchasing Manager Catherine Dubois Purchasing – External Services Purchasing – Marketing Purchasing – IT Purchasing – Office Equipment Purchasing – Car Pool C. Vargas Y. Zhou S. Dawson P. Stern K. Hamilton
